Key data
| Regulation | Commission Implementing Regulation (EU) 2026/798, of April 7, 2026 |
|---|---|
| Publication | April 8, 2026 (EU Official Journal) |
| Entry into force | April 7, 2026 |
| Affected parties | Digital wallet providers, credential issuers, public administrations and private companies that accept the EUDIW |
| Category | European Regulation |
| Base regulation | Regulation (EU) No. 910/2014 (eIDAS) |
| Security levels regulated | Substantial and High |
If your company accepts the European digital identity wallet as an identification method, or if you are a digital identity solution provider, this regulation is already enforceable. The Commission Implementing Regulation (EU) 2026/798, in force since April 7, 2026, sets the technical specifications and reference standards so that citizens can register in the EUDIW (European Union Digital Identity Wallet) completely remotely.
It is not a future regulation: it entered into force before its official publication in the EU Official Journal (April 8, 2026). Any digital onboarding process that uses the European eID wallet must comply with these rules now.
What does this regulation establish?
The regulation develops Article 910/2014 (eIDAS) and establishes two differentiated remote onboarding frameworks depending on the security level of the electronic identification means used:
| Security level | Requirement | Procedure |
|---|---|---|
| Substantial | The electronic identification means meets the substantial level | Standard remote registration according to regulation specifications |
| High | The combination of identification means + additional procedures meets the high level | Standard remote registration plus additional remote onboarding procedures |
The technical specifications include harmonized reference standards that guarantee cross-border interoperability within the EU. This means that a registration process valid in Spain must be recognized in any other Member State.
The regulation also establishes that private entities that accept the EUDIW as an identification method must adapt their internal processes to be compatible with this technical framework, not just wallet providers.
Economic and operational impact
The impact is not a direct fee or fine: it is a cost of technological and process adaptation. Affected organizations must assess three types of impact:
- Technical adaptation cost: Digital wallet providers and credential issuers must review and update their remote onboarding systems to comply with the regulation's technical specifications.
- Operational compliance cost: Private companies that accept the EUDIW must modify their user onboarding flows to be compatible with substantial and high security levels.
- Market opportunity: Technical harmonization reduces fragmentation in the European digital identity market. Companies that adapt early will be able to operate throughout the EU without additional identification friction.
The cross-border interoperability guaranteed by this regulation eliminates the need to develop different identification solutions for each EU country, which in the medium term reduces costs for companies operating in multiple Member States.
Who does it affect?
- European digital identity wallet providers (EUDIW): Direct obligation to comply with remote onboarding technical specifications.
- Credential issuers: Must adapt their issuance processes to the established technical framework.
- Public administrations: Member States and their bodies that implement EUDIW-based systems must apply these standards.
- Private companies that accept the EUDIW: Any private entity that uses the European eID wallet as a method of identifying customers or users must adapt its onboarding processes.
- Technology integrators and digital identity solution providers: Must ensure that their products are compatible with the regulation's specifications to be able to offer them in the European market.
Practical example
A Spanish financial entity that wants to allow its customers to open a bank account completely remotely using the European eID wallet must review its digital onboarding process in two scenarios:
- Scenario 1 — Substantial level: The customer identifies themselves with an electronic identification means that meets the substantial level (for example, the Spanish electronic ID in certain configurations). The bank must implement the remote onboarding process according to the technical specifications of Regulation 2026/798 so that this registration is valid and recognized throughout the EU.
- Scenario 2 — High level: If the bank requires a high security level (for example, for financial services that require greater identity assurance), it must combine the electronic identification means with the additional remote onboarding procedures established by the regulation, so that the combination meets high level requirements.
In both cases, if the bank does not adapt its process to these specifications, the remote registration will not be compliant with the European framework and may not be legally recognized in other EU Member States.
What should companies do now?
- Identify if your company is an actor in the EUDIW ecosystem: Determine if you are a digital wallet provider, credential issuer or company that accepts the EUDIW as an identification method. If so, the regulation already applies to you.
- Audit your current remote onboarding processes: Review whether your remote user onboarding processes are compatible with the technical specifications of Regulation 2026/798, especially regarding substantial and high security levels.
- Evaluate the cost of technical adaptation: Have your technology team or external provider assess the gap between your current systems and the regulation's technical requirements.
- Coordinate with your technology providers: If you use third-party solutions for digital customer identification, verify that those providers have already adapted their products to the new European technical framework.
- Consult with a specialist advisor in eIDAS and digital identity regulation: Since the regulation develops Regulation (EU) 910/2014, technical-legal interpretation requires specialization in eIDAS regulation and its implementing acts.
Frequently asked questions
Which companies are required to comply with Commission Implementing Regulation EU 2026/798?
Obligated parties are European digital wallet providers (EUDIW), credential issuers, public administrations that implement these systems, and private entities that accept the EUDIW as an identification method. If your company uses the European eID wallet to identify customers or users, you must adapt your processes.
When does the regulation on remote registration in the European eID wallet come into force?
Commission Implementing Regulation (EU) 2026/798 entered into force on April 7, 2026, the date of its signature. It was published in the EU Official Journal on April 8, 2026.
What is the difference between the substantial security level and the high level in the eID wallet?
The substantial level is the minimum required for remote registration in the EUDIW. The high level is achieved through additional remote onboarding procedures that, combined with the electronic identification means, meet stricter identity verification requirements. Both levels are regulated in this regulation.